In the recent past, China has been heavily scrutinized by countries like the U.S., India, and Australia for waging a cyberwar against their public, private, and critical infrastructure. The U.S. first cornered China with the Huawei cyber espionage claims and later with the TikTok data exfiltration accusation. Amidst all these accusations and allegations, Beijing has maintained that it has not crossed any lines of data sovereignty and shall continue to do so. Reassuring these words, Chinese Foreign Minister, Wang Yi, has unveiled China’s initiative that will set global standards on data security.
Wang Yi was addressing a global digital governance seminar in Beijing on September 8, 2020, where he introduced this initiative in a bid to bring all nations on the same page. He made his intentions clear as to what the initiative must include by talking about how technology firms must avoid creation of backdoors in their products and services that could allow data to be exfiltrated illegally. Wang Yi also urged the participants to respect the sovereignty, jurisdiction, and data management rights of other countries.
Wang Yi said, “Global data security rules that reflect the wishes of all countries and respect the interests of all parties should be reached on the basis of universal participation by all parties.” Taking an indirect jibe at the countries pointing fingers at it, he also added, “Some individual countries are aggressively pursuing unilateralism, throwing dirty water on other countries under the pretext of ‘cleanliness’, and conducting global hunts on leading companies of other countries under the pretext of security. This is naked bullying and should be opposed and rejected.”
The Need for a Global Data Security Regulatory Body
In a recent exclusive interview with Nikhil Korgaonkar, Regional Director, Arcserve India & SAARC, we asked him how multiple region-specific regulatory bodies restrict the growth of businesses and if there really is a need for a single data protection and privacy body. Korgaonkar said, “Businesses are reeling under the challenge of what we call compliance fatigue. GDPR in Europe; HIPAA, SOX, and FACTA in the U.S.; the California Consumer Protection Act, which came into force earlier this year; LGPD in Brazil; there is a multitude of compliance regulations that businesses face today. According to an estimate, CISOs spend 30% of their time dealing with compliance issues, an indication of how much productive mind space is being consumed by the fragmented regulatory landscape. There is certainly a need for a universal regulatory body and policy relating to data protection and privacy.
For that to happen, however, all the countries will need to come up with the same level of data security preparedness and understanding. It will have to be a symphony where each player plays their part to bring out a well-coordinated piece, which is music to everyone’s ears.”